PRICING

One plan. Transparent pricing. No surprises.

Hoop pricing scales with the number of identities connecting through the gateway: engineers, service accounts, and AI agents. Every feature is included. No tiers. No feature gating.

Get pricing →Get started free →
hoop gateway
identitystatus
engineerjsmith
active
agentcursor:prod
active
agentclaude-code
active
service accountetl-pipeline
idle
engineeratrevino
idle
service accountreporting-svc
idle
6 identities · billed monthlyall features included
hoop

WHAT’S INCLUDED

Everything. For every customer.

No feature tiers. No add-on pricing. Every capability listed below is included for every identity connecting through the gateway.

Secure Access

9 capabilities
  • Databases Postgres, MySQL, MongoDB, SQL Server, and more
  • Application Runtimes Rails, Django, Elixir IEx, PHP, and more
  • Command-line SSH, kubectl, awscli, and more
  • HTTP Web applications, REST APIs, and web services
  • TCP Zero-trust network access for granular control
  • RDP Remote desktop access with session recording and replay
  • Kubernetes exec, port-forward, and automatic role discovery
  • AWS SSM Systems Manager session access
  • Custom CLIs Any CLI-based tool via exec connection type (10-minute setup)

AI Agent Access Governance

9 capabilities
  • Unified identity model Same controls for humans and AI agents
  • Claude Code proxy Route Claude Code sessions through Hoop with full audit
  • Cursor integration Proxy AI coding tool calls with guardrails
  • Human-in-the-loop approvals Agents wait, humans approve via Slack/Teams
  • One-action elevated access Approve a single command, not a 30-minute privilege window
  • AI Session Analyzer LLM-based real-time analysis of session content, risk classification, anomaly detection
  • Machine identity entities API key and service token authentication for non-human identities
  • Agent behavior detection Distinguish automated/agent patterns from human interaction
  • Session linking Associate machine sessions back to the originating human identity

Developer Experience

8 capabilities
  • Developer Portal
  • Web Database Client and Terminal
  • Slack Integration
  • Microsoft Teams Integration
  • Runbooks Any Git integration
  • AI Query Builder Natural language search over session history
  • Native tool compatibility Developers use psql, kubectl, ssh, and other tools directly, no SDK
  • Clientless gateway architecture No software on developer endpoints for web-based access

Access Security and Control

8 capabilities
  • Passwordless Authentication
  • IDP SSO Integration (OIDC)
  • IDP Groups Sync (OAuth 2.0)
  • Groups-based Access Control
  • Profile-based Access Control Read-only by default, write with approval
  • Just-in-Time Native Access
  • Session Recording Full replay
  • Active Session Termination Kill sessions and revoke access from the UI or API

In-Session Controls

8 capabilities
  • Just-in-Time Command / Query Approval and Execution
  • AI Data Masking ML-based PII redaction (context-aware, not regex), sub-5ms latency
  • Google DLP integration Alternative backend for compliance pipelines
  • Microsoft Presidio integration Alternative backend for compliance pipelines
  • Preventive Guardrails Block destructive commands at the protocol layer (DROP, DELETE without WHERE, rm -rf, kubectl delete namespace, custom patterns)
  • Action-Level Control Approve or deny individual commands, not broad time windows
  • Scope Limiting Allow SELECT but block DDL, read but not write, per-resource and per-role
  • Open-source Plugins

Reporting and Monitoring

8 capabilities
  • Webhooks
  • Sessions and Connections PII Catalog
  • Sessions Contents Search Full-text indexing of all session content
  • Sessions Audit Reports
  • SIEM Integration Splunk, syslog, webhook export
  • Access Analytics
  • Data-in-Transit Risk Metrics Redaction counts, blocked operations, approval rejection rates
  • Fail-Open Mode Audit subsystem decoupled from data path, sessions continue if audit is unavailable

Compliance

4 capabilities
  • SOC2-ready audit trail
  • NIST audit compliance capabilities
  • Full session recording and tamper-proof centralized logs
  • Replayable sessions for forensic review

Supported Platforms

6 capabilities
  • Kubernetes
  • AWS ECS
  • Docker
  • Linux VM and Bare-metal
  • Managed (Hoop-hosted)
  • Self-hosted Docker, Kubernetes, or AWS with full control

Support

6 capabilities
  • Community support
  • Email support
  • Support SLA
  • Guided onboarding and training
  • Slack Connect with Hoop team
  • Private, vetted Slack channel
66+capabilities included in every plan. No feature gating. No surprises.

COMING SOON

What we’re building next.

Active development. These capabilities are on the roadmap and available for design partners.

gRPC / HTTP/2 Native protocol support
SPIFFE identity integration Service-to-service authentication
Machine identity UI Dedicated dashboards, session history, and policy configuration for non-human identities
Post-execution analysis Batch AI analysis of sessions with metadata output
MCP gateway Native Model Context Protocol support for agent execution tracing
Resource discovery NMAP-based discovery, admin password input, seed-account provisioning with pre-made runbooks
Cross-cloud provisioning Automated role creation across AWS, GCP, Azure
Native protocol guardrails expansion Cassandra and others
Self-hosted AI One-click deploy VM with packaged model for GCP, AWS, Azure

Engineers

Every human connecting to infrastructure through the gateway. Developers, DBAs, SREs.

e.g. 12 engineers

AI agents

Claude Code, Cursor, autonomous agents. Each agent identity counts separately from its human owner.

e.g. 8 agents

Service accounts

ETL pipelines, reporting services, CI/CD jobs. Non-human identities with programmatic access.

e.g. 4 service accounts

One identity = one engineer, service account, or AI agent connecting through the gateway. No per-feature pricing. No hidden limits.

Get pricing for your team.

Tell us how many engineers, agents, and service accounts connect to your infrastructure. We’ll give you a number.

Get pricing →Get started free →